Name: Windows 10 & Active Directory Security Best Practices for Preventing Ransomware
Start: 2023-01-20T12:58:00Z
End: 2023-01-20T12:59:07.000Z
Location: BrightTALK
Rating: 0

Netwrix empowers information security and governance professionals to identify and protect sensitive data to reduce the risk of a breach. Our solutions also limit the impact of attacks by helping IT teams detect, respond and recover from them faster and with less effort. Over 13,000 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.

Network segmentation is widely recognized as crucial to preventing lateral movement, but there is another factor that is frequently underestimated — locking down user access. Imagine the damage that an adversary could do by compromising just one of the user accounts in your environment, especially if that account has privileged access to sensitive data or systems: costly data breaches, downtime, compliance penalties and more.
 
To reduce your risk, it’s vital to gain visibility into all standing privileges in your IT environment, and there is no simpler way than to use Netwrix Privilege Secure for Discovery. Join our webinar to learn about the hidden dangers of standing privileges and an elegant approach to privileged access management (PAM) that will revolutionize your security strategy.
 
In this session, we’ll demonstrate how you can:
·   Gain deep visibility into privileged accounts across your IT ecosystem.
·   Remove unnecessary administrative accounts from all endpoints in one click.
·   Dramatically reduce your attack surface by removing standing privileged accounts.

Standing Privileges: A Growing Concern Your Organization May Be Overlooking

Avec l'augmentation continue des cybermenaces qui visent à déstabiliser les organisations de différents secteurs et tailles, il est devenu vital pour les organisations d'agir et d'améliorer leurs défenses, à la fois au niveau de la gouvernance et au niveau opérationnel. C'est pourquoi, en janvier de cette année, le NIS2 est entré en vigueur, faisant évoluer la directive initiale de 2016 et marquant une nouvelle étape importante vers la définition complète de la cyber stratégie de l'Union européenne. L'objectif principal du NIS2 est d'améliorer le niveau de cyber-résilience des entreprises opérant dans l'UE.

Mais qu'est-ce que cela signifie réellement pour les organisations et comment seront-elles affectées ? Regardez notre webinaire pour découvrir plus sur :

NIS2 : pourquoi elle est nécessaire, ses principales exigences et comment s'y préparer
- L'impact de la directive NIS2 sur les organisations
- Comment Netwrix peut-il aider à l'adoption de NIS2

NIS 2 : Comment Netwrix aide à relever les défis de la cybersécurité

No matter the type of attack or the initial attack vector, eventually threat actors need access to an endpoint to establish persistence and to serve as the launch point for any privilege escalation and lateral movement. And because every attacker’s capabilities are limited by the operating system they compromise, Windows remains a favorite target, with its’ many means of running code, traversing systems, and elevating privileges.

A recent report showed that as many as 1 in 8 cyberattacks make it past security solutions and reach the endpoint, placing the battle for access to your environment squarely on your Windows’ endpoints. And while organizations like yours have endpoint solutions, not every solution provides the same levels of protection, making it necessary to take advantage of every means to secure the environment – which includes any native lockdown capabilities within Windows.
So, just how well can native management solutions from Microsoft secure the Windows endpoint?
In this Real Training for Free session, 4-time Microsoft MVP, Nick Cavalancia takes my seat as he first discusses:

The reality of attacks reaching the endpoint
Just how insecure is the default Windows endpoint?
What MITRE has to say about the misuse of a compromised Windows endpoint
Next up, you’ll hear from 18-time Microsoft MVP, Jeremy Moskowitz, as he covers the native limitations to consider when using Windows’ built-in policy management tools to secure the endpoint. Jeremy will also share practical strategies to address them. 

The session will focus on the limitations of the following native Windows endpoint management tools:
- Local Administrator Password Service (LAPS)
- USB GPO policy
- Applocker
- And more
Jeremy will also discuss exploring alternative approaches and third-party solutions to optimize policy deployment.

Stopping Attacks at the Windows Endpoint: The Lockdown Efficacy

Every password is a corporate asset (or risk center) that needs to be managed as such. Between accounts on non-integrated internal systems, cloud accounts, vendor sites, customer sites, banking apps and SaaS, users still have a lot of passwords and integration seems like a constant game of catch up. 

Because different departments are constantly implementing new services and applications.

Watch this session to explore the risks of 3rd party passwords and how to secure and efficiently control business assets:

- Common risks of password re-use and leaked passwords
- The value of auditing and monitoring
- The critical role of password policy

Better Password Hygiene in Active Directory

While traditional Identity Governance & Administration (IGA) solutions solve many access management challenges, deployment can be a huge headache. Indeed, adding new applications or users often requires a great deal of costly professional services.

Now there’s a next-generation IGA solution that’s easy to set up and maintain.

Watch this session to learn how it enables you to:
- Easily create onboarding and offboarding workflows from an intuitive modern interface
- Use flexible rules to allocate access rights using RBAC, ABAC or NGAC
- Allocate rights automatically using machine learning 
- Connect to any system or application using configurable connectors — no coding needed

Speed Up Your IGA Deployment With Machine Learning

Properly managing identities and groups is vital for avoiding costly data breaches, business downtime and compliance findings. 

You will get practical information about strategies for scaling your practices as your organization grows and adapting to other changes in your environment strengthening security while reducing IT workload. 

Watch this session to discover best practices for group and identity management :

• Specific ways to improve efficiency, how to automate processes like identifying and handling stale security and distribution groups 
• Synchronizing Groups via Linked Identity Stores
• Provision and Deprovision identities from HR
• Implementing lifecycles for Groups and Identities
• Real-world case studies highlighting successful implementations

AD & Azure AD Best Practices for Managing Users & Identities

Are you looking for effective strategies and tactics to improve group and identity management within your organization? Look no further! This insightful on-demand webinar is tailored specifically to address the challenges faced by IT professionals. In this session, we explore best practices and techniques that enhance security, compliance, and efficiency in group and identity management.

Key topics to be covered include:
- Specific ways for efficiently managing groups and identities.
- Automating through problems like group glut, outdated distribution groups, and other challenges that normally require excessive manual labor to solve.
- Strategies for managing scalability and tactics for adapting to change in your environment.
- Real-world case studies highlighting successful implementations.

Watch this recorded session at your convenience as we bring together experts and professionals to discuss the best practices that drive efficient and secure group and identity management.

Enterprise Best Practices for Group & Identity Management

Prepare to be captivated as Brian Johnson, a skilled white-hat hacker, embarks on a daring mission to infiltrate privileged accounts, with intentions ranging from illicit data acquisition to espionage and disruption of critical systems. The burning question lingers: Will he succeed in his audacious endeavors?
 
Secure your front-row seat at the exhilarating Hacker vs Netwrix live cyber battle, where you will witness firsthand the meticulous step-by-step unraveling of various common attacks. Immerse yourself in the revelation of how the implementation of the principle of least privilege across endpoints can emerge triumphant in salvaging the situation.
 
In this spectacle, Netwrix will demonstrate its prowess in defending against a multitude of attacks, including but not limited to:
 
- Exploiting widespread local admin access, often granted excessively, to extract clear-text credentials from memory.
- Performing lateral movement from one compromised system to gain local admin privileges across the network.
- Abusing open RDP access to remotely infiltrate a system with admin privileges, extracting copies of the AD database or exfiltrating sensitive content.
- Leveraging local admin rights.
- Utilizing downloadable malware.
- Exploiting USB devices.
 
Don't miss this extraordinary opportunity to witness the relentless clash between hackers and defenders, unfolding right before your eyes.

Ultimate Cyber Battle: Hacker vs Netwrix

Introducing the highly anticipated replay of our exclusive and interactive virtual PAM Summit! If you weren't able to catch the live event, fret not, because now you have the chance to experience it all firsthand through our replay. Don't miss out on this incredible opportunity to gain valuable insights and immerse yourself in the world of PAM. Grab a front-row seat and watch the replay now!

Day 2 of the event features an insightful opening keynote by Paul Fisher, titled "In the Future Everyone Will Have Privileged Access for Fifteen Minutes". He explores the changing landscape of business and computing, the impact on Privileged Access Management (PAM) vendors, and the need to shift privileged status from identities to resources and data.

Following the keynote, an Interactive Workshop: PAM Cyber Adventure will be conducted by Martin Cannard, Jeremy Moskowitz, and Nurlan Temirbulatov. Participants will have the opportunity to choose their own security adventure, learning about safeguarding against insider threats, preventing unauthorized access, and eliminating local admin rights. The workshop will provide practical insights, best practices, and a demonstration of the Netwrix PAM Solution's potential to revolutionize organizational security posture.

The day will conclude with a Q&A Session, allowing attendees to engage with the speakers and further delve into the topics discussed throughout the day.

Watch the session to explore:

- Changes in business and computing are influencing PAM vendors and bringing new players into the market
- Why standing privileges are not sustainable in the long term
- How we need to shift privileged status from identities and onto resources and data

And you`ll get to see Netwrix PAM Solution in action!

Next-Gen PAM Summit: Implementation & Execution

Introducing the highly anticipated replay of our exclusive and interactive virtual PAM Summit! If you weren't able to catch the live event, fret not, because now you have the chance to experience it all firsthand through our replay. Don't miss out on this incredible opportunity to gain valuable insights and immerse yourself in the world of PAM. Grab a front-row seat and watch the replay now!

Day 1 of the PAM Summit focuses on Strategy & Planning, offering a lineup of insightful sessions. Kick off the day with Sami Laiho's keynote, "Principle of Least Privilege in 2023 and Beyond", as he explores the evolving significance of least privilege in PAM.

Following the keynote, join the panel discussion, "Securing Tomorrow's Privileged Access: Identifying and Addressing Future Threats in PAM". Moderated by Martin Cannard, this session brings together industry experts Jeremy Moskowitz, Sami Laiho, and Rob Forbes to delve into emerging threats and effective strategies for securing privileged access.

To further deepen your understanding, engage in a Q&A Session with Experts, where you can seek clarifications and gain additional insights. This interactive session provides an opportunity to delve deeper into the topics covered during the day.

Watch this session to discover:

- The currently most used attack vectors in cyberattacks and how to protect against them
- Strategies for managing administrative accounts and privileges in an enterprise
- Effective methods for mitigating vulnerabilities in an enterprise
- Tips to future-proof your PAM (Privileged Access Management) strategy
- The top challenges associated with legacy PAM solutions
- Emerging trends, technologies, and risks surrounding PAM projects

Next-Gen PAM Summit: Strategy & Planning

In today's digital world, data access governance has become a crucial aspect of protecting sensitive information. Organizations are facing increasing challenges when it comes to managing data access and ensuring the security of their critical data. Join our upcoming webinar to learn about best practices for data access governance and how Netwrix solutions can help simplify this task.
 
During the webinar, we will discuss the following topics:
 
- The importance of data access governance in the digital age
- Best practices for identifying and classifying sensitive data
- Techniques for implementing access controls and permissions
- Strategies for monitoring and auditing data access
 
Netwrix offers a comprehensive suite of solutions that help organizations automate data access governance tasks, reducing the risk of data breaches and improving compliance with data protection regulations. Join us to learn more about how Netwrix solutions can simplify your data access governance tasks, and protect your sensitive information in the digital age.

Data Access Governance in the Digital Age

The cybersecurity insurance landscape is shifting as cyber attacks, like ransomware and malware, are becoming more sophisticated. We’re confronted with the uncomfortable reality where conventional approaches, such as meeting minimum compliance requirements and sticking to traditional privilege access management strategies, don’t do enough to protect an organization’s data. What’s worse is that only meeting the minimum can create gaps in cyber insurance and drive up premium costs.

Cyber insurance companies can have very specific requirements around an organization's current security practices, such as their EDR. To keep premiums down and to stay ahead of nefarious actors, one approach to consider is to adopt quick-to-deploy strategies, such as a more advanced concept of privilege access management called PAM+. It’s an approach that eliminates the impact of compromised admin credentials through Just-in-Time access, renders password-stealing malware ineffective, and delivers rapid time-to-value.

Watch this recording to deep dive into:

- A brief primer on the current cyber insurance landscape.
- How legacy PAM toolsets and approaches meet compliance requirements may not protect against the realized actual risk that cyber insurance providers care about.
- Recent case studies illustrate how PAM+ can help protect your organization from attacks involving lateral movement.

How PAM+ Helps Maximize Your Cyber Insurance Coverage

Active Directory steuert in Unternehmen weltweit den Zugriff auf wichtige Systeme und Daten, wird jedoch nicht immer sicher verwaltet. Deshalb ist es ein attraktives Ziel für Angreifer.

Wie können Sie Ihr Unternehmen bestmöglich vor diesen Angriffen schützen? Und wenn Sie eine Attacke nicht rechtzeitig verhindern konnten, wie können Sie diese umgehend erkennen und mit gezielten Maßnahmen darauf reagieren?

In unserem Webinar zeigen Experten auf, wie Sie Ihr Active Directory durchgängig schützen und darauf vertrauen können, dass Ihre Daten und Systeme sicher sind.

[Attack]tive Directory: Sicherheitslücken schließen [German]

Angreifer, die es auf Ihre Daten abgesehen haben, versuchen unablässig, in Ihre Active Directory-Umgebungen einzudringen. Dabei nutzen sie relativ einfache Angriffstechniken, die jedoch häufig schwer zu erkennen und abzuwehren sind. Möchten Sie mehr über die einzelnen Schritte der am häufigsten genutzten Angriffsmethoden erfahren und effektive Strategien für die Erkennung und Abwehr dieser Attacken kennenlernen?

In unserem Webinar erwartet Sie ein Cyber-Battle der besonderen Art: Dirk Schrader (CISSP, CISM, ISO27001 Practitioner) und ein "Hacker" werden verschiedene Angriffe starten und abwehren.

Active Directory-Sicherheit: ein Hacker gegen Netwrix [German]

In der digitalen Arbeitswelt ist der Arbeitsplatz überall – im Büro, Homeoffice und unterwegs. Dabei werden Daten und Informationen des Unternehmens genutzt, die vor Cyber-Angriffen geschützt und auf dem neuesten Stand sein müssen.

Netwrix PolicyPak fügt sich in die AD ein, automatisiert Abläufe und härtet die üblichen Einfallstore für Cyber-Attacken auf Endpoints.

Verwalten Sie Ihre Endpoints und Enduser sicher und zentral [German]

In der hybriden Arbeitswelt von heute greifen Mitarbeiter im Büro, im Homeoffice, unterwegs und über Kiosks auf ihre Desktop-PCs und Laptops zu. Die meisten Tools sind jedoch nicht für moderne Verwaltungsszenarien ausgelegt, weshalb es eine ziemliche Herausforderung darstellen kann, stets alle Daten und Anwendungen auf dem aktuellen Stand zu halten und ihre Sicherheit zu gewährleisten.

Mit der Plattform Netwrix PolicyPak können Sie die Verwaltung vereinfachen und die Sicherheit in hybriden oder Remote-Arbeitsszenarien verbessern.

Moderne Verwaltung von Endgeräten unabhängig vom Arbeitsort [German]

Zur Verwaltung ihrer privilegierten Administrator- und Dienstkonten nutzen viele Unternehmen lediglich Funktionen für die Sitzungsverwaltung und Kennworttresore. Dieser Ansatz für das Privileged Account Management (PAM) bietet jedoch keine Unterstützung für wichtige Aspekte wie das Auffinden und Erkennen von Berechtigungen sowie die Untersuchung von verdächtigem Administratorverhalten. Möchten Sie mehr darüber erfahren, von welchen Vorteilen Sie mit einem umfassenden PAM-Ansatz profitieren?

PAM 2.0: Intelligenter, besser, schneller und leistungsstärker [German]

Über 90 % der Unternehmen weltweit nutzen Active Directory (AD) als Authentifizierungs- und Autorisierungsplattform für ihre IT-Infrastruktur. Aufgrund seiner Komplexität wird Active Directory jedoch häufig falsch konfiguriert, sodass Angreifer leichtes Spiel haben und große Schäden in Ihrem Netzwerk anrichten können. Um dieses Risiko zu verringern, müssen Sie dafür sorgen, dass Ihr Active Directory ordnungsgemäß konfiguriert ist sowie engmaschig überwacht und streng kontrolliert wird. Netwrix unterstützt Sie bei diesen Aufgaben.

AD Masterclass: Konfigurationsstrategien für mehr Sicherheit Ihres AD [German]

According to the Department of Homeland Security, more than 4,000 ransomware attacks have occurred daily since January 1, 2016. Moreover, the Department of Homeland Security states that “Prevention is the most effective defense against ransomware and it is critical to take precautions for protection.” In accordance with the department’s Ransomware Executive One-Pager and Technical Document, preventative measures include the following:

1. Manage the use of privileged accounts based on the principle of least privilege: no users should be assigned administrative access unless absolutely needed, and those with a need for administrator accounts should only use them when necessary.

2. Implement Software Restriction Policies (SRP) or other controls to prevent programs from executing from common ransomware locations, such as temporary folders supporting popular Internet browsers or compression/decompression programs, including the AppData/LocalAppData folder.

Join Jeremy Moskowitz, 15-Time Microsoft MVP awardee for Endpoint Management and Enterprise Mobility, for a free 60-minute webinar on Windows 10 and Active Directory best practices for preventing ransomware in VMware environments. During this webinar, you’ll receive 100% free Windows security tips taken directly from Jeremy’s award-winning Group Policy training program. Plus, you’ll learn how VMware Administrators and engineers around the world use PolicyPak to protect their virtual networks from ransomware attacks.

Windows 10 & Active Directory Security Best Practices for Preventing Ransomware

Privileged Access Management

Endpoint Security

Enterprise Mobility

Ransomware

Cyber Security

Cyber Defence

IT Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Windows 10 & Active Directory Security Best Practices for Preventing Ransomware

Presented by

About this talk

More from this channel